Posted
by
Soulskillon Wednesday October 03, 2012 @06:41PM
from the we-know-you-weren't-stuck-in-traffic dept.

New submitter juliohm writes "As of January, Brazil intends to put into action a new system that will track vehicles of all kinds via radio frequency chips. It will take a few years to accomplish, but authorities will eventually require all vehicles to have an electronic chip installed, which will match every car to its rightful owner. The chip will send the car's identification to antennas on highways and streets, soon to be spread all over the country. Eventually, it will be illegal to own a car without one. Besides real time monitoring of traffic conditions, authorities will be able to integrate all kinds of services, such as traffic tickets, licensing and annual taxes, automatic toll charge, and much more. Benefits also include more security, since the system will make it harder for thieves to run far away with stolen vehicles, much less leave the country with one."

And we, the technicians, geeks, engineers, and software architects of the world, greedily line up to offer suggestions on how best to feed that pernicious appetite out of either being forced into it simply to have food to eat, or for fame and fortune.

The result is the same. We make the very chains they enslave us with, and happily forge ever more diabolical pleasures to satisfy big brother.

Who made DRM? It wasn't a media executive. It was somebody in a cubicle. Think about that.

Its a job description, not a moral code. Of course all sorts of people are going to get involved. Techies, engineers, geeks and scientists designed gas chambers. Quite a lot of the blame lies with the charismatic sociopaths who convinced them this was a good idea, aka politicians and CEOs - in other words if it wasn't for the talking heads at the top, the techies probably wouldn't have come up with this stuff of their own accord.

If it is possible, someone will make it. It might as well be us. In the US license plate readers, accomplish the same (though they are not that prevalent, yet(read, not that cheap yet)).

What we really need is, for people to put pressure on govt to pass privacy laws. I would be fine with this idea, if the data is destroyed after a day or so. To store it beyond a day, you need a warrant signed by judge.

Make an oath not to willfully cause harm, and internally enforce it. Call it whatever, but we need some form of morality in our profession, and willfully creating code we KNOW to be malicious is clearly immoral, regardless of what moral compas you choose to employ.

Simple things, like "I will not create mass mailers for commercial uses", "I will not create personally identifiable tracking systems of any sort.", "I will not create nor enforce systems to hinder political speech of any kind.", "I will not willfully penetrate another computer system without permission, and will not create tools to do so either.", "I will not willingly install backdoors for spying, monitoring, or sabotage, for any agency, in any software or systems I create.", etc.

It doesn't need to be religious, like 'i will only make open code' or anything. Just things we can unilaterally agree are clear misuses of technology. Kinda like doctors refusing to create bioweapons. That kind of thing.

I am not sure how expect these to work. Most mass mailers I have seen were for legitimate use. They accept a list of email addresses (very often in excel format) and send an email to all of them. The mass mailer application cannot differentiate between legitimately obtained email address and illegitimately obtained ones. The same with tracking systems, there are legitimate uses for tracking. Every tracking system was created for legitimate use (gathering information for targeted advertisements is legitimate

Agreed; just like there are legitimate reasons to create monster viruses (biological) for medical research.

Unlike biological viruses, which are often never released to the public, the tool I release (be it a DDoS tool or mass mailer tool), can be used very easily for nefarious purposes. If most of my genuine tools can be used for nefarious purposes, then what is the point of the oath?

As for purpose, that is more external. For that, we need a history lesson.

Hippocrates was not an ordinary physician. He was the lead physician at a well respected hospital/temple of apollo. He was greatly displeased that other doctors in other cities engaged in nefarious antics, and belived strongly that medicine should only be used to heal, and medical knowledge should never be used to cause injury or harm. He couldn't force the doctors in other cities to comply with that moral vision, and didn't really attempt to explicitly.

Instead, he made all of his students swear to an oath that is basicaly the granddaddy of viral licensing. It prohibited his students from delivering medical knowledge to any physician that wasn't an oath sworn one, in their tradition.

The external factor was that the citizenry held more trust in hippocratic doctors than doctors of other schools, because of the added and strongly enforced ethos of that school of medicinal practice. As such, over time, the hippocratic school simply stole all the customers and students.

Ok, history lesson over.

I am suggesting that a community be created with the express intent that technological knowledge should never be used to willfully harm people, with similar implicit and explicit restrictions as the hippocratic oath. We should protect information with very strong asymetric keys, and exchange information only with other members. Membership should be free, but be serious business. The idea is to foster trust with industry and the citizenry at large, by being a very highly sanitized specialist forum to discuss vulnerabilities and solutions to those vulnerabilities in a sanitized environment. Failure to comply with the restrictions of the community results in having your keypair banned for life, and having your real identity added to a (searchable) wall of shame. All exchanges in the community are always encrypted, and stored in the encrypted form. Community members authorize other members to read their posts by distributing public keys. Each message is to contain a cryptographically identifiable hash, such that decrypted messages can have a unique and positive identification of which public key did the decryption. Each member retains his/her private key. To an outsider viewing the forums, they will see only huge blocks of RSA style crypto streams in nested succession. A CA should fascilitate the assignment and revocation of keys.

This would allow community collaboration and exchanges on wild exploit discoveries in a more protected environment, and enable more controlled release of information with industries impacted, with the intent of proving and sustaining professional trust, making the community a preferential setting for such dicussion.

The idea is to passively win out over disreputable technology workers by concentrating information, and internally vetting members. Membership must always be free and easy to obtain. It should be difficult to RETAIN, except through strict adherence to the rules. Membership thus gives access to a potentially huge archive of very specific information, and a potentially valuable asset in security consultency.

It wouldn't hold any legal protection or authority. It would simply be a stongly enforced "club", with a strong code of conduct.

The reason for multiple keypair generation is to frustrate attempts at collecting and brute forcing the data, and just accepting the added complexity tradeoff.

You missed a huge, glaring weak point in your plan: back in the ancient Greek days, there were few books, all hand-printed. The only place to learn was from a school.

Now, we have the internet. Anybody can learn anything (s)he has the grey matter to understand. Even when I was a kid, long before the internet existed, I had public libraries that taught me anything I wanted to know. Plus, we had an Encyclopedia Britannica (I read the whole thing when I was 12).

Simple things, like "I will not create mass mailers for commercial uses"

Just like machinists will refuse to make guns for mass murderers? In theory, a great idea. In reality, well... more thought is needed.

I have created at least one mass mailing program for "internal" use (the targets were the owner/user of certain configurations of computers). Internal is in quotes because the organization I wrote it for had locations on several continents and it seems weird to use the word internal in such a situation. Could the program have been repurposed and used outside of the organizati

I didn't mean for those suggestions to be strict cannon. I am only one person, and how I interperate the problem could be seen as oppressively restrictive by too many people. It was just a suggestion.

I was thinking more along the lines of bulk mailers, being created and operated with the intention of defeating inbox filtering technologies, attempting to confuse, mislead, or defraud readers, and unwanted distribution of advertising materials.

If it is possible, someone will make it. It might as well be us. In the US license plate readers, accomplish the same (though they are not that prevalent, yet(read, not that cheap yet)).

What we really need is, for people to put pressure on govt to pass privacy laws. I would be fine with this idea, if the data is destroyed after a day or so. To store it beyond a day, you need a warrant signed by judge.

Aha, but this is the next step. It would be easy to swap plates with some other vehicle in a garage or parking lot. However it probably is not nearly as easy to swap the chip in your car. Also you could smear mud on a plate rendering it unreadable. My brother used to do that when he was 14 and wanted to drive his unlicensed car. Out of date plate, back then they issued new ones every year with alternating colors, with mud or snow covering the year. N.Y. in the 50s.

Time we started actively fighting back then. If this system is deployed someone should make a device for reading the data back from the side of the road, ideally something like a box a person can put on their property to do it. Then upload that data to a web site which displays the location of vehicles on a map. Watch the public go ape shit as they realize their location is now public whenever they drive.

Richard Feynman was asked about the morality of the atomic bomb he helped create. He replied "I just didn't THINK about it," giving the impression of a scientist absorbed with science in the moment, and oblivious to morality and consequences. Until later. Here we info tech folk are thinking about the morality beforehand, and still doing it. Looks like it takes more than thinking, it takes doing; and frequently, not doing.

The big brother society... Marches on steady. Unstoppable and with an insatiable appetite for new technology

It also deploys very quietly these days. It's already up and running before people notice it's there.

We already HAVE four federally mandated car trackers on all passenger cars (along with most other vehicles) since 2007.

It's called a "Tire Pressure Monitoring System". It works by having (typically) a lithium-cell powered device in the valve stem on each wheel that transmits the tire pressure information along with a unique serial number (so your dashboard computer doesn't get confused by nearby cars). These can also be read by loops in the road.

"Big Brother" has been tracking your cell phone for at least 15 years now, so I fail to see how tracking of a person's location could ever get more intrusive. This is an added benefit for law enforcement's real problem of tracking auto-theft / toll dodgers.

There was no sane reason why NASA needed that information. They were just collecting it because they could. Because someone said, "well, we've got just about everything on these boys...

I can think of one very good reason. To have a control sample to test against when they get back, to see what effects the low gravity/increased radiation had on them. Who knows, there might be gravity related issues with reproductive processes just like there are for bone and muscles.

Or for later use, in case there was a radiation accident that would render them incapable of having children.

The previous method, ID plates, are also read by machines, only just from the front or back, this just adds a few sides, left, right, top and down.
It's the best way to ensure that the billion additional people who'll get cars in the future don't kill or maim us.

If this method allows to weed out the morons who are incapable of using turn signs or stopping at red lights or obeying the speed limits, I'm for it.

Combined with an electronic license that starts the car only if it's valid and books fines automatically from the driver's account instead of forcing us to pay billions for police officers for this idiotic job it will make the traffic much more civilized.
I use my navigator on every trip, even if I know it by heart, because it warns me if I'm speeding. I don't see the point of watching all the time for signs behind trees and bushes and other crap that real police officers use to entrap us.
I would really like a cruise-control that gets its info from the navigator an sets its speed limit automatically instead of forcing me to adjust it all the time by hand to avoid radar traps.
Since the rise of the navigator I didn't get fined a single time.

I don't care for the 'freedom' to risk other people's lives.

So, you're ok with the government tracking all of your movements as long as it keeps you from accidentally speeding. Either this is a bad piece of astroturfing, or the price of your freedom is way too low.

I clone your MAC address, I decrypt your Wi-Fi, and I own your basic electronics already.

Apply these relative basic skills and what do you have? A high-tech integrated system which can actually be used to conceal the identity of a vehicle behind a false identity, and charge up all sorts of services to the legitimate owner besides.

Fine. Get that service if you want. That doesn't mean it should be shoved down our throats by the state under the guise of safety. Would you want a policeman in your house 24/7 to 'monitor' your 'well being'? No? Why not?

That's excactly the rationale being used to sell the idea. That it will reduce car stealing, because the police will be able to follow a thief anywhere.

Also, it can be turned off.

I'm against the idea, but not by fear of the Big Brother, It is just that this is an explicit ploy to interfere in a market, taking my money at the gun-point, and sending it to a few choosen ones (the companies making tracking devices).

Anyway, it will probably do what is advertised, and reduce car stealing. It will send the crimina

Sure you can hack some home WiFi. Your enemy is one guy, statistically speaking most likely someone with just enough computer know-how to reinstall windows.

Going up against a national system is a different game. Not just a different league, a different game. If they don't make the MPAA-stupidity-mistake (invent your own crypto and don't let anyone outside test it for weaknesses) or the typical software-company-mistake (do thinks cheap and fast so you have a great time-to-market, facepalm the day before release and say "oh btw, has anyone thought about security?"), or some other obvious ones, this can be very, very solid.

Crack NSA's SELinux to get a feel for what you're up against. Sure it's possible. All you need is either a serious mistake in the policy configuration, or a ring-0 exploit.

Yes, everything can be hacked. Don't expect to be the one doing it, though. If they do this properly, then a hundred other people have thought of your approach before, during the design, development and testing phases. Maybe they've put in an easter egg for you to find, to reward the effort.

The issue here is they are then handing it to the end user, possibly the criminal end user who can then poke and prod at it endlessly. The other issue is the 'state' doesn't have limitless money in making it work, see:'the lowest bidder'.

It's likely some group of researchers will find a way to break it quickly, and publish a paper on it. A group of technically inclined 'criminals' will turn the research in to a sell-able kit. Th

I actually used that back when I was giving speeches about SELinux. I'd put my IP address and root password on the blackboard at the conference. Someone once managed to drop a file into the root home directory due to a policy configuration error. That's as far as anyone has ever gotten.

You mis-understood. I said 'give' me your SELinux box. Not make it available online. Physical access opens far more avenues of attack, like plugging in to the PCI-E buss and reading all the memory for example. Securing a device against unchecked, unlimited physical access is probably impossible at least until we get quantum cryptography figured out.

>Nobody can hack your machine because he could examine it

Who said just examine it? When you give someone something they can modify it. You seem to have virtua

Ah. Yes, I indeed misunderstood that part. Agreed, physical access changes the game. It means you need to add tamper-resistance and temper-evidence to the equation. Again, something that someone with a bug budget who wants to get it right can do.

As with the electronic security, there is no 100% security, but you can definitely make it so costly and troublesome that your average murderer or bank robber can't get it done. And definitely not some random guy who wants to frame someone else.

It's either tragic or funny, but Brazil's traffic dept. doesn't have the first clue about IT security. They use ye olde Windows and don't even bother configuring anything. Which means every user is an administrator and autorun is enabled. Keylogging is a real problem, but I suspect no one wants to secure anything properly because "oh, all those traffic tickets disappeared? I guess someone broke into my system again" is a great excuse for when you want to bail a friend or make a few extra bucks.

Realize this: The TSA's job is not, never has been and never will be to provide any actual security worth mentioning. It's job is to create an impression of security and a reference for politicians that they've thought of the chiiiildren.

Look to Ben Gurion International Airport if you want to know how to do air traffic security properly.

WPA2 can also be cracked these days depending on the 'strength' of your password. If you use anything that's in the dictionary or any derivative of it it can be hacked in a matter of minutes. Random passwords with at least 8 characters are the least acceptable.

Either way, given governments around the world's ineptitude with security (see the various chip ID or bus card systems snafu's) in combination with the car manufacturers ineptitude in the same area (see BMW). I doubt this system will be very secure be

I doubt this system will be very secure because of it's nature alone, it needs to be cheap, easy and work in various circumstances, the cost of cryptology will be too high.

Economics 101: The cost of a solid crypto and hardware system is a one-time cost. Divided by the number of vehicles that'll use it over, say, the next ten years, it'll probably come out to less than a burger.

Yes, that may be true for computer systems but working with micro controllers and radio frequency and encryption is a whole other beast.

(Good) encryption requires no-fault transmission (or error correction/resend mechanics a la TCP), key exchanges, authentication and authorization on both sides and calculating large factors on-demand. If you don't do that, you'll get stuck with garbage data, one extraction leading to all devices being compromised, impostors and scammers or very weak keys.

If you need statistical data, the unique IDs are just there to avoid counting errors. It doesn't matter if they can be manipulated, forged, whatever. So what if the bank robbers pass by without being counted due to their disabled transponder? That's a 1-car counting error on your "how much use does this street get" statistics, and doesn't matter.

For toll collection, etc. you would need to build the more reliable stations, and maybe people would still need to

the "chip" would have to come for a car right next to the stolen car or else a flag would be raised about the teleporting vehicle
also it would have to be a car of similar mechanical characteristics - your stolen sportscar with its minibus "chip" might show up if they track time between readers.
similar would be driving characteristics of drivers showing up as patterns on readers on routes used a few times.

authorities will be able to integrate all kinds of services, such as traffic tickets

Remember the bad old days, when police inconvenienced you with long stops while they wrote you a ticket just when you most urgently needed to get somewhere? Well, those days are gone! Now, a pile of tickets will arrive in your mail each day without you ever being held up by those pesky police. We hope you appreciate the convenience we've brought you while you're speeding off to your destination.

It looks like you come from the middle XX century. We already have that automatic stream of tickets you are speaking of. Today we get them from cameras... But everybody knows it is just a matter of time untill we get a more aware system that tracks you everywhere.

Anyway, computers are still quite stupid. The people that want to decieve those systems do. That too will change with time, and it will probably both remove the problem of unreliable humans operating cars, and create much bigge

Nope! No drawbacks here. Why would the headline be written in anything other than pure, positive spin? Especially since this was probably posted from a chipped car with big brother watching quite carefully for any accidents, traffic or wrong thoughts.

The "must be tagged" law will not prevent theft, and will not prevent other criminal activities.

It does not prevent the criminals from disabling a tag, altering a tag, or replacing the tag.

What the tracking system ultimately tracks are the tags. Not the vehicles.

As such, removing the tags, and then transporting the vehicle under a different but "valid" tag would make an effective means of breaking this system.

The real benefit to law enforcement/government is *NOT* combating criminals, it is tracking law abidding citizens.

I would expect catch-22s like "we show your vehicle at the scene" in one case and "you can't prove that isn't a fake transponder being used to put you on the other side of the country" in another, with the difference being the desire of the prosecutor.

(Eg, "iron-clad, irrefutable!" When used to show guilt, and "suspect, clearly a technological fabrication!" When used to assert innocense.)

If anything, this masure will spawn a new form of criminal activity, buying, selling, and provisioning counterfiet/shady transponders.

A lot depends on what one views as an effective long term crime prevention strategy.

First there's the top down approach. Assuming that the majority of the worst criminal activity is perpetrated by experieced life long criminals (think ring leaders, organised crime, career criminals etc) then it stands to reason you want to target those individuals for arrest and incarceration. Yes, there are outliers; nutjobs going on shooting sprees, crimes of passion, serial killers, and the odd person who comes up with a

Does everyone have to buy a new car equipped with all the integrated RFID/transponder gadgetry to participate in the mandated tracking system?
This type of thing, and the upcoming "black box" additions to new cars sold in the USA, are perfect examples of why you should not buy new cars frequently. Instead, repair whatever goes wrong with your current/old car and stop being so damn wasteful. Pick a good car that you like and keep it going.
I learned how to do almost all of my own car repair for this purp

What's to prevent them, some years down the line if not immediately, from requiring that you retrofit your existing older car to have this device installed ala LoJack or satellite radio or any number of other devices that owners currently voluntarily install into their older vehicles?

It could be argued that pervasive and panopticon-like enforcement of traffic regulations could result in a fantastically superior motorist environment, where people speeding; performing rolling stops; and performing dangerous lane changes become a thing of the past due to automated creation of moving violations.

*reality:*

The problem however, will be with technological erros showing people speeding when they really aren't from multipath reflections, people being charged for driving

Victoria Australia has been doing this experiment with a 3% tolerance on speeding. The result is accident counts have not decreased since they started it, congestion has gone up , the deaths per km driven is increasing and the deaths per hour while traveling are also going up. The increased congestion seems to be killing pedestrians at a might higher rate too. We are not seeing any of the advantages that newer cars should be providing to the accident rates. The roads are moving fewer people and injuring

See for example, the East Kellog (US 400) expansion in wichita kansas on google streetview. You will notice that there is an isolated entry/exit lane that fascilitates getting into the sidstreets, and a completely uninhibited arterial flow after that on the US 400 highway.

Traffic tickets are not a "service". A service implies that you actually get something useful in return.

You assume that the service always has to be towards the subject. It doesn't. The police performs a service when it arrests a burglar, but the service isn't towards the burglar, it is towards the house owner. Traffic tickets are a service to the other participants of traffic, because by punishing undesireable behaviour they limit it.

Yeah, we can talk all night about how reality sometimes differs and how speeding traps are often put not at the spots where speeding is dangerous but where they'll catch the most people, etc. etc. - that's implementation details.

Traffic tickets are a service to the other participants of traffic, because by punishing undesireable behaviour they limit it.... speeding traps are often put not at the spots where speeding is dangerous but where they'll catch the most people

I think you may have contradicted yourself there.

Punishing undesirable behavior would require targeting the "unsafe" places. That's not really an "implementation detail", that hijacking the original/stated purpose (keeping highways safe) and rerouting it to the new purpose (making money for the local municipality).

Also, I am pretty sure that "unsafe" speeds are mostly relative. Someone going +30miles with traffic is nowhere near as dangerous as a person weaving around/passing at +15miles. So "implementa

I don't think so. I juxtaposed theory and practice. As I said: I'm with you when you want to argue that the way in which this is actually being done is not always how it should be. But the point that traffic tickets aren't a service because you pay and get nothing in return is simply wrong for the reasons I stated.

There is no freedom without (some) security. Obviously, the pendulum is currently swinging too far to one side, and we need to correct that, but the opposite extreme is also to be avoided. If you spend every waking hour scrounging for food in a jungle while praying not to get caught by a roving warband, you are most certainly not free.

Remember Roosevelt's four freedoms: Freedom of expression, freedom of religion, freedom from want, and freedom from fear. His particular statement of them was overly narrow

Can I send you my bank details and you transfer me your life insurance and retirement savings? You don't need that security, but you do sacrifice some (financial) freedom for it by paying into it every month. I will gladly relieve you of that burden.

Really, our traffic is terrible in most cities. Anything that can help to make it better is a good thing.

Yeah, privacy is a concern, i hope they make it in a way that it won't be abused. But considering the total lack of respect brazilian motorists have in traffic this will help a lot. We have here a lot of fatal accidents with pedestrians and cyclists that the motorist simply just run away and no one sees who it was, with a system like this it'll be possible to get a list of suspects very easily in this k

Anything? really? How about all traffic violations punished with the death penalty? No? Why not?

Yeah, privacy is a concern, i hope they make it in a way that it won't be abused.

Yes because even without the electronics, governments have historically respected liberty, freedom, and due process when using the information gathered from monitoring policies.. What kind of crack are you smoking?

The range of the signal is just 5 meters,

Radio doesn't work like that.

If the rang was big i would love to have it on my bike also, i would put it glue inside the frame, no way to remove it into the street.

so, the abuse of your fellow citizens by your government is a-ok as long as the government protects your bike for you? You selfish twat. I hope you're not like most brazi

I've seen Brazil, it's like 90% illegal. As in the houses, utilities, economy. Rio has an unlicensed bus system by a loose affiliation of van-owners that is way more popular than the official one. There is not a single law there that a majority of the population obeys.

I lived in Brazil for 3 years, and while it's a lot easier to find the black market in Brazil than in the US, it's no where near 90% illegal. Even where Redock and Abbedias type knock-off options are available Brazilians recognize and would rather have the real deal.

For the most part the people who have illegal utilities are shack dwellers (even poorer than those in brick-built favelas). Even most of the brick buildings in the favelas have an electric and water meter attached and in use.

Brasil is a communal society; we could care less for individual rights. Heck, if the entire country goes out on the streets naked every February, there is no need for individualism.

That being said, it's really hard to enforce a law in Brasil, mostly because it is a matter of national pride to find a way around the rules. They can put as many transponders as they want, but if all the population gets are tickets, then even the dealerships will have an "unofficial" - official - system to remove the tags.

The same thing happened with DVD players way back. Companies tried to force consumers to only get players for region 7. Except that, when you bought a DVD player, the salesman himself would write a code in a piece of paper that you could use to unlock all the regions.

Of course, if the system is used properly, then people won't bother. They could care less if some random guy knows if they are going to churches or brothels.

It is VERY FUNNY how foreigners or first world people think about that.The REAL reason is:

TAXES, FEES and revenues.

The Brazilian gov. only cares about revenues and taxes to keep it's dysfunctional dept. and employees.Brazil was one of the first countries to have its IRS system on internet, paying taxes on INTERNET.

In one of my country roads, there is a camera that read the tags and check if the license is ok.If not it sends a alert to the next police station with details.The police see: White car, tag xx xxxHe stop and tow the car.

But if you go at night that does not work.So the brazilian govt is going deeper.

In sao Paolo you have SOME days you can use your car, if you use on 'not allowed' days and you get caught you get a fine.So this is the reason for the tags.

There is no possibility that anyone could get a system this comprehensive installed and functioning all over one of the largest countries in the world. They would do just as well to set a date upon which all lead in the country will turn into gold, it stands a better chance of succeeding!

It would fail outside the major cities at least. The cops over there can't even keep people from hacking into the water and power system. I went to one place where there was a literal "wrong side of the tracks". On one side, everyone paid for their utilities. On the other side, water was spraying out of pipes duck taped into each other in all directions and extension cords were running under the tracks. I am curious, are you Brazilian? You spelled Brazil with an "s" instead of a "z" like Brazilians.

The police in Sao Paolo have bigger problems than policing the citizenry:

... more than 70 police officers killed this year in São Paulo, Brazil’s largest and most powerful state. The sharp increase in murders of police officers, up almost 40 percent since last year, has raised fears of a resurgence of the First Capital Command, a criminal organization that carried out a harrowing four-day uprising here in 2006 during which almost 200 people were killed.

* And if a car is stolen, disabling the tracking chip is bound to be easier than filing out the serial number, which is common practice.

Tracker is a system that's been in use in the UK for years. Car owners choose to install them, and they are used when/if the car is stolen.

The reason car thieves don't tend to remove them is that the box is installed in a random hard to get at location in each car. It'd be a major undertaking to dismantle every part of the car where a tracker might be concealed.

The most common exploit seems to be to drive the stolen car into a shipping container, which prevents tracking. The car is then shipped to a foreign